US20140082358A1 - Efficient key generator for distribution of sensitive material from mulitple application service providers to a secure element such as a universal integrated circuit card (uicc) - Google Patents

Efficient key generator for distribution of sensitive material from mulitple application service providers to a secure element such as a universal integrated circuit card (uicc) Download PDF

Info

Publication number
US20140082358A1
US20140082358A1 US13/859,580 US201313859580A US2014082358A1 US 20140082358 A1 US20140082358 A1 US 20140082358A1 US 201313859580 A US201313859580 A US 201313859580A US 2014082358 A1 US2014082358 A1 US 2014082358A1
Authority
US
United States
Prior art keywords
profile
target device
public
key
ecc
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/859,580
Inventor
Madjid Nakhjiri
Tat Keung Chan
Alexander Medvinsky
Eric J. Sprunk
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Arris Technology Inc
Google Technology Holdings LLC
Original Assignee
General Instrument Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by General Instrument Corp filed Critical General Instrument Corp
Priority to PCT/US2013/035842 priority Critical patent/WO2014042701A1/en
Priority to US13/859,580 priority patent/US20140082358A1/en
Assigned to MOTOROLA MOBILITY LLC reassignment MOTOROLA MOBILITY LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: NAKHJIRI, MADJID, SPRUNK, ERIC J., CHAN, TAT KEUNG, MEDVINSKY, ALEXANDER
Publication of US20140082358A1 publication Critical patent/US20140082358A1/en
Assigned to Google Technology Holdings LLC reassignment Google Technology Holdings LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MOTOROLA MOBILITY LLC
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H04L9/0844Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • H04W8/205Transfer to or from user equipment or user record carrier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/061Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/71Hardware identity

Definitions

  • Non-removable, embedded smart cards and trusted environments however, often need data to be provided to them after being embedded. Because of this, embedded smart cards and trusted environments are provided with sensitive data remotely. Providing sensitive data remotely, however, suffers from various security risks, communication complexities, and accountability uncertainties.
  • FIG. 1 illustrates an example environment in which techniques may be employed that enable multiple profiles provided by multiple application service providers to be securely transmitted to a target device.
  • FIG. 2 illustrates a simplified example of a packet that may be used to transmit the profile through the provisioning infrastructure shown in FIG. 1 .
  • FIG. 3 illustrates one example of a key generation process that may be used to encrypt a profile using a key agreement exchange process performed by the SM-DP shown in FIG. 1 .
  • FIG. 4 illustrates one example of an inner layer decryption process that may be performed by a target device to obtain the decrypted profile.
  • FIG. 5 illustrates one example of a target device.
  • FIG. 6 shows one example of a computing device that may be employed as a source node and/or an intermediate node used in the provisioning infrastructure of FIG. 1 .
  • Application service providers such as a mobile network operator (MNO), for example, generally need to remotely provision sensitive data into a secure execution environment of a target device such as a mobile computing device. Since a target device may obtain services from multiple application service providers, each of which may provision its own secure data into its own secure domain of the secure execution environment, the number of different secure domains may become large. This can present a challenge when the amount of resources and secure storage space in the secure execution environment is limited.
  • MNO mobile network operator
  • a profile may include, by way of example, security application algorithm codes, data and cryptographic keys.
  • provisioning may include the transport of encrypted profiles through the network, decryption of encrypted profiles within the secure execution environment, and installation of the profiles within a secure storage for later execution within the secure execution environment.
  • knowledge of each profile should be isolated within a security domain (e.g., a logical segmentation of hardware resources segmented and isolated from other segments by a firewall or the like) designated for the application service provider that is associated with that profile.
  • the secure execution environment may include the above-noted embedded Universal Integrated Circuit Cards (UICC), other forms of embedded chips, various trusted environments, or even movable or non-embedded cards, such as SIM cards, or any of various devices or entities that may benefit from receiving sensitive data securely.
  • UICC embedded Universal Integrated Circuit Cards
  • FIG. 1 illustrates an example environment 100 in which techniques may be employed that enable multiple profiles provided by multiple application service providers to be securely transmitted.
  • Environment 100 includes a provisioning infrastructure that includes a source node 102 , one or more wired and/or wireless communication networks 104 , and intermediate nodes 108 , shown at nodes 108 - 1 , 108 - 2 , 108 - 3 , and 108 - 4 .
  • the provisioning infrastructure transmits the profiles to target device 106 .
  • source node 102 is a source of sensitive data such as a profile intended for the target device 106 .
  • source node 102 is associated with an ASP (e.g., a mobile network operator) in secure communication with a trusted one of the intermediate nodes 108 (e.g., node 108 - 1 ), such as a trusted subscription manager capable of end-to-end encryption of a packet having the sensitive data.
  • ASP e.g., a mobile network operator
  • a trusted subscription manager capable of end-to-end encryption of a packet having the sensitive data.
  • source node 102 will be described as being associated with a mobile network operator
  • the trusted intermediate node is a subscription manager-data preparation (SM-DP)
  • other intermediate nodes are non-serving subscription managers (SMs)
  • SM-SR serving subscription manager-secure routing
  • the secure execution environment will often be described as a UICC. This is but one example of many cases where the techniques described herein may be employed.
  • these same techniques may be used by a bank that provisions smart cards for mobile banking, a utility company that provisions smart meters for tracking utility consumption, or a content delivery provider that provisions a target device such as a set-top box to receive content from multiple content sources, where the content is protected by a Digital Rights Management (DRM) mechanism or a Conditional Access System (CAS).
  • DRM Digital Rights Management
  • CAS Conditional Access System
  • Communication networks 104 can include one or multiple communication networks, each represented by networks 104 - 1 , 104 - 2 , 104 - 3 , 104 - 4 , and 104 - 5 , though the term network may be a simple path between nodes or comprise a complex combination of wired and/or wireless communication channels having multiple networks (e.g., cellular, wired, and wireless local area). While not required, network 104 - 5 is illustrated as a wireless network, as this last hop is often a wireless transmission.
  • the secure transport of the profile through the provisioning infrastructure may require multiple layers of encryption.
  • an inner layer encryption takes place at a subscription manager data preparation node (SM-DP) to provide end-to-end (i.e, SM-DP to target device) protection.
  • An outer layer encryption may be performed over various hops (i.e., SM-SR) of the infrastructure. The outer layer encryption over each hop will be removed by the SM-SR at the end of each hop.
  • the outer layer encryption is removed by a general downloader function within the UICC, while leaving the inner layer encryption to take place in a security domain that is designated for a specific profile and is cryptographically separate. In this way the clear profile from one application service provider is not exposed to any other parts of the UICC (e.g. a security domain belonging to another application service provider).
  • target device 106 receives the profile in packets that are transmitted through a node path 110 .
  • the packets have a cryptographic signature for each node along the required node path.
  • FIG. 2 illustrates a packet 112 in simplified form, which has cryptographic signatures from each of the intermediate nodes 108 (“Int. #1 Sig.” etc.), as well as an end-to-end cryptographic signature (shown as “Source Sig.”), which is signed over the payload (e.g., sensitive data), which may also include a profile.
  • each of the intermediate nodes 108 may cryptographically sign a packet as part of the outer layer encryption process, a required path node can be verified, in some embodiments, without a signature from those of the intermediate nodes that are trusted.
  • the secure execution environment will be described as a Universal Integrated Circuit Card (UICC) that is embedded in a target device.
  • UICC Universal Integrated Circuit Card
  • the ASP which provides the profile will be referred to as an MNO.
  • PLK_UICC public, private key pair
  • PVK_UICC public, private key pair
  • the SM_DP associated with each MNO will either encrypt the profile with the PLK_UICC directly or encrypt the profile with a symmetric profile-encryption-key (PEK) and then in turn encrypt the PEK with the PLK_UICC.
  • PEK profile-encryption-key
  • a problem with this approach is scalability. Even if the same PEK is used for the entire UICC population for a given MNO (which presents a security risk), the SM-DP associated with the given ASP may have to encrypt profiles for millions of UICCs. Thus, the SM-DP would need to have access to millions of PLK_UICCs prior to the provisioning process, which may create significant database problems, even if the keys could be addressed using the UICC identifier (UICC_ID). Furthermore, the UICC manufacturer would have to ship lists of public keys (i.e., lists specifying PLK_UICC) to each MNO that needs to provision the UICC. The key list may also need to be kept secure to avoid malicious provisioning.
  • each MNO uses a global key pair for an entire population of UICCs such as all UICCs of a given model.
  • the public and private keys in this global key pair may be denoted MNO_PLK_UICCM and MNO_PVK_UICCM, respectively.
  • MNO_PLK_UICCM MNO_PLK_UICCM
  • MNO_PVK_UICCM MNO_PVK_UICCM
  • each MNO's SM-DP can use the same key to encrypt a profile (or a PEK) for all UICCs of the same model, but different MNOs will use different key pairs.
  • This approach can significantly simplify the profile preparation process since a database search for individual UICC-unique public keys (PLKs) is not necessary.
  • UICC memory-constrained UICCs
  • a UICC potentially may have to contain a large number of key pairs, particularly if it is going to be used in a geographic region with a large number of MNOs such as in Western Europe, for example.
  • new MNOs for which an RSA key pair had not been pre-loaded in the UICC would be excluded from serving the target device in which the UICC is employed. While it is possible to preload a number of RSA key pairs in UICCs and later assign the key pairs to a new MNO as needed, ultimately the storage space in the UICC would determine the maximum number of operators that can be supported.
  • ECC Elliptic Curve Cryptography
  • a private seed that is unique to each UICC can be loaded within each UICC.
  • the seed can be generated by the UICC manufacturer and loaded into the UICC within the UICC manufacturing facility such that once it is loaded it cannot be extracted and will only be known to the UICC manufacturer and the secure execution engine within the UICC.
  • a new ECC private key (MNO_ECC_PVKDEV) can be calculated as follows using as input a key generation function (KGF) and an MNO identifier (MNO_ID):
  • the corresponding ECC public key can be created from the ECC private key and the ECC curve.
  • a hardware key ladder may be implemented such that both the seed and the PVK cannot be exposed without hardware tampering.
  • the KGF may be proprietary or a well-established function.
  • the KGF can be a standard MAC (Message Authentication Code) function such as HMAC-SHA1, HMAC-SHA256, AES-CMAC, and so on.
  • the KGF should be chosen such that it generates a key of sufficient size which matches the Elliptic Curve parameters.
  • the UICC Since the UICC only needs to store the seed it is able to save significant storage space (in comparison to the amount of storage space needed to store multiple RSA PVKs for multiple MNOs as well as certificates for those MNOs).
  • the UICC Using the seed and the MNO_ID, the UICC is able to generate the MNO_ECC_PVKDEV and then, using the ECC curve, the UICC is able to create the associated MNO_ECC_PLKDEV.
  • MNO_ECC_PVKDEV private, public key pair
  • the list of public keys may be kept secret. If the key list were public, any party could use a public MNO_ECC_PLKDEV to encrypt an illegitimate profile and send it to a UICC. To avoid such an attack, the MNO SM-DP would have to sign the encrypted profile. However, the verification of this signature would require installation of MNO SM-DP certificates for every single MNO/SM-DP within the UICC, which would defeat the purpose of using ECC and private seeds for storage space optimization. Accordingly, by maintaining the public key list in secret the use of a signature can be avoided.
  • a key agreement exchange may take place between the MNO SM-DP and each UICC.
  • a key exchange algorithm that may be employed is a Diffie-Hellman exchange (ECDH) algorithm.
  • ECDH Diffie-Hellman exchange
  • the key generation process shown in FIG. 3 may be used to encrypt a profile using a key agreement exchange process performed by the MNO's SM-DP.
  • the SM-DP generates its own ECC private, public key pair (denoted MNO_ECC_PVKOP and MNO_ECC_PLKOP, respectively).
  • This key pair may be unique for each UICC, a population of UICCs, or each ECDH process that is performed.
  • the SM-DP will then use its own ECC private key (MNO_ECC_PVKOP) and the UICC public key (MNO_ECC_PLKDEV), which is provided by the public key list from UICC manufacturer or vender, to perform a local ECDH key agreement 410 and create the PEK 430 from a shared ECDH secret 420 .
  • a key size reduction process 440 may be performed when generating the PEK 430 , depending on the key size that is needed to encrypt the profile.
  • the SM-DP then uses the PEK to perform a symmetric key encryption process 450 to encrypt the profile for the UICC.
  • the encrypted profile, along with the MNO device identifier (MNO_ID) and the MNO ECC public key (MNO_ECC_PLKOP) are delivered to the target device of the provisioning infrastructure shown in FIG. 1 .
  • the UICC uses its private seed and the MNO identifier (MN_ID) to generate its own ECC private key (MNO_ECC_PVKDEV) using the pre-configured key generator function (KGF) 510 .
  • MNO_ECC_PVKDEV ECC private key
  • KGF key generator function
  • the UICC then creates the PEK to perform decryption.
  • the UICC uses the device ECC private key for this particular MNO (MNO_ECC_PVKDEV) and the MNO ECC public key (MNO_ECC_PLKOP) to perform a local DH key agreement process 520 .
  • MNO_ECC_PVKDEV MNO ECC private key for this particular MNO
  • MNO_ECC_PLKOP MNO ECC public key
  • the UICC can obtain the MNO ECC public key (MNO_ECC_PLKOP) from the MNO along with the encrypted data, especially in cases where the MNO uses a unique public key for each UICC.
  • MNO ECC public key may be obtained by the UICC through other means.
  • the MNO ECC public key may be pre-provisioned in the UICC.
  • the local DH key agreement process 520 may be considered as only half-authenticated since only the MNO_ECCPLKDEV is authenticated (since the UICC public key is provided as part of a key list that is signed by the manufacturer), while MNO_ECC_PLKOP is not authenticated by the UICC, unless the SM-DP uses a signature and an ECC certificate to prove the authenticity of the MNO_ECC_PLKOP.
  • the local ECDH key agreement process 520 creates the PEK 530 from a shared ECDH secret 540 .
  • a key size reduction process 550 may be performed when generating the PEK 530 , depending on the key size that is needed to encrypt the profile.
  • the UICC uses the PEK 530 to perform a symmetric key decryption process 560 to decrypt the profile, which is stored in secure storage device 570 associated with the UICC.
  • One advantage of the provisioning process described above is that a priori knowledge of the MNOs that may need to interact with the UICC is not needed when the UICC is manufactured. This allows the business ecosystem within which the UICC is used to be extended in a flexible manner. In essence, there is practically no limit on the number of MNOs the ecosystem can support. In practice the limit will be determined by the number of key pairs that can be generated from the ECC curve, which is a very large number compared to the possible number of MNOs.
  • a potential downside to this provisioning process is that the UICC manufacturer needs to create a unique private seed for each UICC and then store the seeds in a seed list.
  • all MNOs could agree to use a common Root Certificate Authority (CA) and sign their encrypted profiles using a certificate that chains to this common Root CA. While this would address the problem, in practice it can be difficult to establish a common business and legal entity that would function as a Root Certificate Authority.
  • CA Root Certificate Authority
  • the private key MNO_ECC_PVKDEV for each UICC may be generated using a key generation function (KGF) as follows:
  • the UICC does not need to calculate the public key for the MNO, since it only needs to decrypt the profile encrypted by MNO's SM-DP.
  • the public key list for each MNO may be signed by the UICC manufacturer or vendor prior to shipment to the MNO's SM-DP.
  • the public key list may need to be encrypted in order to keep it secret.
  • ECC Elliptic Curve Cryptography
  • other public key agreement algorithm may be employed instead.
  • an alternative key agreement algorithm that may be employed is the Diffie-Hellman algorithm where the private key MNO_ECC_PVKDEV may be random and the public key is generated using:
  • an MNO-specific boot code may be provided along with, or as a part of, the profile.
  • the boot code may be encrypted along with the profile itself.
  • the UICC may use the PEK to decrypt both the boot code and the profile, possibly in the same step.
  • a cryptographic enforcement technique may be employed to prevent retransmission of an old profile.
  • One such enforcement technique may employ a random value (i.e., a nonce) that is included in a message sent to the MNO by the target device requesting a profile.
  • the reply to the target device should include both the encrypted profile and the random value encrypted together with that profile.
  • the target device later decrypts the profile, it verifies that the random value matches the value included in the request message. If there is no match, it disregards the profile.
  • This cryptographic enforcement technique requires two-way communication between the target device and the MNO.
  • some target devices may only be capable of receiving a broadcast or a multicast and have no way to send a request to the MNO.
  • the MNO can include either a sequence number or a timestamp within the encrypted profile.
  • a target device can persistently store this value and ensure that each successive profile update contains either a nonce or a timestamp that is greater than the previously received value.
  • FIG. 5 illustrates one example of target device 106 .
  • Target device 106 can be one or a combination of various devices, here illustrated with six examples: a smartphone 106 - 1 , a laptop computer 106 - 2 , a television 106 - 3 , a desktop computer 106 - 4 , and a tablet computer 106 - 5 , though other computing devices and systems, such as netbooks, car navigation systems, and servers may also be used.
  • Target device 106 includes a processor 602 for carrying out processing functions associated with one or more of components and functions described herein.
  • Processor 602 can include a single or multiple set of processors or multi-core processors.
  • processor 602 can be implemented as an integrated processing system and/or a distributed processing system.
  • processor 602 may house, execute, and/or process instructions related to reading and writing information to and from the target device 106 and/or the components contained therein.
  • processor 602 may generate and send instructions to the UICC 614 , cache 620 , or memory 604 in the target device 106 to cause a cache to be written to or updated with information that has been read from the UICC 614 .
  • processor 602 may generate and send commands to a power management component on the target device.
  • Target device 106 further includes a memory 604 , such as a computer-readable storage medium for storing data used herein and/or local versions of applications being executed by processor 602 .
  • Memory 604 can include any type of memory usable by a computer, such as random access memory (RAM), read only memory (ROM), tapes, magnetic discs, optical discs, volatile memory, non-volatile memory, and any combination thereof.
  • target device 106 includes a communications component 606 that provides for establishing and maintaining communications with one or more parties utilizing hardware, software, and services as described herein.
  • Communications component 606 may carry communications between components on target device 106 , as well as between target device 106 and external devices, such as devices located across a communications network and/or devices serially or locally connected to target device 106 .
  • communications component 606 may include one or more buses, and may further include transmit chain components and receive chain components associated with a transmitter and receiver, respectively, operable for interfacing with external devices.
  • target device 106 may include a data store 608 , which can be any suitable combination of hardware and/or software, that provides for mass storage of information, databases, and programs employed in connection with aspects described herein.
  • data store 608 may be a data repository for applications not currently being executed by processor 602 .
  • Target device 106 may additionally include a user interface component 610 operable to receive inputs from a user of target device 106 , and further operable to generate outputs for presentation to the user.
  • User interface component 610 may include one or more input devices, including but not limited to a keyboard, a number pad, a mouse, a touch-sensitive display, a navigation key, a function key, a microphone, a voice recognition component, any other mechanism capable of receiving an input from a user, or any combination thereof.
  • user interface component 610 may include one or more output devices, including but not limited to a display, a speaker, a haptic feedback mechanism, a printer, any other mechanism capable of presenting an output to a user, or any combination thereof.
  • Target device 106 also includes a UICC 614 , which may contain subscription, connection, or other information related to wireless communication with a wireless network.
  • UICC 614 may be removable, meaning that it may be detached from the target device 106 if removal is needed.
  • UICC 614 may store personal data for a user.
  • the UICC may contain a subscriber identity module (SIM) application, a universal subscriber identity module (USIM), and/or a CDMA subscriber identity module (CSIM) application for network authentication purposes.
  • SIM subscriber identity module
  • USIM universal subscriber identity module
  • CSIM CDMA subscriber identity module
  • UICC 614 may contain a removable user identity module (R-UIM), or may itself be referred to as an R-UIM.
  • R-UIM removable user identity module
  • UICC 614 may include an internal central processing unit (CPU), random access memory (RAM), read-only memory (ROM), electrically-erasable programmable read only memory (EEPROM), other non-volatile or volatile memory, and/or input/output circuitry. Additionally, the UICC may contain information related to radio access networks utilizing several access technologies and/or communication protocols, such as, but not limited to, Global System for Mobile Communication (GSM), Enhanced Data Rates for GSM Evolution (EDGE), Universal Mobile Telecommunications System (UMTS), High Speed Packet Access (HSPA), Long Term Evolution (LTE), LTE Advanced, or any other high-speed data packet network access technology, including those access technologies that are part of the 4G access technology family.
  • GSM Global System for Mobile Communication
  • EDGE Enhanced Data Rates for GSM Evolution
  • UMTS Universal Mobile Telecommunications System
  • HSPA High Speed Packet Access
  • LTE Long Term Evolution
  • LTE Advanced LTE Advanced
  • Target device 106 may include a power management component 612 for switching power to UICC 514 on and off.
  • Power management component 612 may receive instructions for switching power to the UICC 614 on and off from processor 602 or any other component in target device 106 and/or components external to target device 106 , such as network components.
  • Target device 106 may include a nonvolatile memory (NV) component 618 .
  • the NV may contain subscription, connection, or any information related to establishing a connection with a wireless network or authenticating a user to such a network.
  • a wireless network may utilize an access technology and/or communication protocol or standard such as, but not limited to, CDMA2000 1 ⁇ (IS-2000), 1 ⁇ , 1 ⁇ RTT, CDMA2000, and/or 1 ⁇ EV-DO (Evolution-Data Optimized), also known as EV-DO or EV, or any other access technology that is part of the 3G access technology family.
  • Target device 106 may contain a cache 620 , which may store information recently read from UICC 614 .
  • Cache 620 may include memory for storing such information, which may any type of memory usable by a computer, such as RAM, ROM, EEPROM, tapes, magnetic discs, optical discs, volatile memory, a general non-volatile memory.
  • cache 620 may include NV 618 , and therefore may store contain subscription, connection, or any information related to establishing a connection with a wireless network or authenticating a user to such a network.
  • such a wireless network may utilize an access technology and/or communication protocol or standard such as, but not limited to, CDMA2000 1 ⁇ (IS-2000), 1 ⁇ , 1 ⁇ RTT, CDMA2000, and/or 1 ⁇ EV-DO (Evolution-Data Optimized), also known as EV-DO or EV, or any other access technology that is part of the 3G access technology family.
  • CDMA2000 1 ⁇ IS-2000
  • 1 ⁇ , 1 ⁇ RTT CDMA2000
  • 1 ⁇ EV-DO Evolution-Data Optimized
  • cache 620 may include information stored on the UICC 614 , such as, but not limited to information related to radio access networks utilizing several access technologies and/or communication protocols, such as, but not limited to, Global System for Mobile Communication (GSM), Enhanced Data Rates for GSM Evolution (EDGE), Universal Mobile Telecommunications System (UMTS), High Speed Packet Access (HSPA), Long Term Evolution (LTE), LTE Advanced, or any other high-speed data packet network access technology, including those access technologies that are part of the 4G access technology family.
  • GSM Global System for Mobile Communication
  • EDGE Enhanced Data Rates for GSM Evolution
  • UMTS Universal Mobile Telecommunications System
  • HSPA High Speed Packet Access
  • LTE Long Term Evolution
  • LTE Advanced LTE Advanced
  • the target device 106 may include other forms of embedded chips, various trusted environments, or even movable or non-embedded cards, such as SIM cards.
  • FIG. 6 shows one example of a computing device 800 that may be employed as a node (e.g., source node 102 and/or intermediate nodes 108 of FIG. 1 ) in the provisioning infrastructure of FIG. 1 .
  • Computing device 800 can be integrated with electronic circuitry, a microprocessor, memory, input-output (I/O) logic control, communication interfaces and components, other hardware, firmware, and/or software needed to run an entire device.
  • Computing device 800 can also include an integrated data bus (not shown) that couples the various components of the computing device for data communication between the components.
  • Computing device 800 includes various components such as an input-output (I/O) logic control 802 , microprocessor(s) 804 (e.g., a microcontroller or digital signal processor), operating system 808 and communications interface 812 .
  • Computing device 800 also includes a memory 806 , which can be any type of random access memory (RAM), a low-latency nonvolatile memory (e.g., flash memory), read only memory (ROM), and/or other suitable electronic data storage.
  • Memory 806 includes or has access to encryption module 810 , which may be used to perform inner and/or outer encryption.
  • Computing device 800 can also include various firmware and/or software, such as an operating system 808 , which, along with other components, can be computer-executable instructions maintained by memory 806 and executed by microprocessor 804 .
  • Computing device 800 can also include other various communication interfaces 810 and components, wireless LAN (WLAN) or wireless PAN (WPAN) components, other hardware, firmware, and/or software.
  • WLAN wireless LAN
  • WPAN wireless PAN
  • modules and components can be implemented as computer-executable instructions maintained by memory 806 and executed by microprocessor 804 to implement various embodiments and/or features described herein.
  • any or all of these components can be implemented as hardware, firmware, fixed logic circuitry, or any combination thereof that is implemented in connection with the I/O logic control 802 and/or other signal processing and control circuits of example device 800 .
  • some of these components may act separate from device 800 .

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method provides end-to-end security for transport of a profile to a target device (e.g., a mobile computing device) over at least one communications network that includes a plurality of nodes. In accordance with the method, the profile is encrypted for transport between the target device and an initial node of the network through which the profile is transported. The encryption is an end-to-end inner layer encryption performed prior to hop-to-hop encryption. The encrypting uses a public key of a public, private key pair. The private key is derivable from a seed securely provisioned in the target device using a public key algorithm. The encrypted profile is transmitted over the communications network to the target device.

Description

    RELATED APPLICATION
  • This application claims priority to provisional patent application Ser. No. 61/702,192, entitled “EFFICIENT KEY GENERATOR FOR DISTRIBUTION OF SENSITIVE MATERIAL TO MULTI-OWNER SECURE ELEMENTS”.
    • BACKGROUND
  • Current smart-card technologies are moving towards non-removable embedded smart cards for use in mobile computing devices, such as mobile phones, tablet computers, and automobile navigation systems. Recent examples include embedded Universal Integrated Circuit Cards (UICC), which are used to host security-sensitive functions. Aside from smart cards, there is also a trend to use trusted environments to perform functions similar to functions currently performed by smart cards.
  • Non-removable, embedded smart cards and trusted environments, however, often need data to be provided to them after being embedded. Because of this, embedded smart cards and trusted environments are provided with sensitive data remotely. Providing sensitive data remotely, however, suffers from various security risks, communication complexities, and accountability uncertainties.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 illustrates an example environment in which techniques may be employed that enable multiple profiles provided by multiple application service providers to be securely transmitted to a target device.
  • FIG. 2 illustrates a simplified example of a packet that may be used to transmit the profile through the provisioning infrastructure shown in FIG. 1.
  • FIG. 3 illustrates one example of a key generation process that may be used to encrypt a profile using a key agreement exchange process performed by the SM-DP shown in FIG. 1.
  • FIG. 4 illustrates one example of an inner layer decryption process that may be performed by a target device to obtain the decrypted profile.
  • FIG. 5 illustrates one example of a target device.
  • FIG. 6 shows one example of a computing device that may be employed as a source node and/or an intermediate node used in the provisioning infrastructure of FIG. 1.
    •  DETAILED DESCRIPTION
  • Application service providers such as a mobile network operator (MNO), for example, generally need to remotely provision sensitive data into a secure execution environment of a target device such as a mobile computing device. Since a target device may obtain services from multiple application service providers, each of which may provision its own secure data into its own secure domain of the secure execution environment, the number of different secure domains may become large. This can present a challenge when the amount of resources and secure storage space in the secure execution environment is limited.
  • As detailed below, techniques and arrangements are provided which allow multiple application service providers to provision sensitive data, referred to herein as a profile, in a target device. A profile may include, by way of example, security application algorithm codes, data and cryptographic keys. Such provisioning may include the transport of encrypted profiles through the network, decryption of encrypted profiles within the secure execution environment, and installation of the profiles within a secure storage for later execution within the secure execution environment. Because profiles from multiple application service providers are to be resident in the same secure execution environment, knowledge of each profile should be isolated within a security domain (e.g., a logical segmentation of hardware resources segmented and isolated from other segments by a firewall or the like) designated for the application service provider that is associated with that profile.
  • The secure execution environment may include the above-noted embedded Universal Integrated Circuit Cards (UICC), other forms of embedded chips, various trusted environments, or even movable or non-embedded cards, such as SIM cards, or any of various devices or entities that may benefit from receiving sensitive data securely.
  • The following discussion first describes an operating environment, followed by example methods for employing the techniques in the environment, and then proceeds with an example device for employing the techniques.
    • Example Environment
  • FIG. 1 illustrates an example environment 100 in which techniques may be employed that enable multiple profiles provided by multiple application service providers to be securely transmitted. Environment 100 includes a provisioning infrastructure that includes a source node 102, one or more wired and/or wireless communication networks 104, and intermediate nodes 108, shown at nodes 108-1, 108-2, 108-3, and 108-4. The provisioning infrastructure transmits the profiles to target device 106.
  • Generally, source node 102 is a source of sensitive data such as a profile intended for the target device 106. In some cases, source node 102 is associated with an ASP (e.g., a mobile network operator) in secure communication with a trusted one of the intermediate nodes 108 (e.g., node 108-1), such as a trusted subscription manager capable of end-to-end encryption of a packet having the sensitive data.
  • For purposes of illustration, source node 102 will be described as being associated with a mobile network operator, the trusted intermediate node is a subscription manager-data preparation (SM-DP), other intermediate nodes are non-serving subscription managers (SMs), and a last intermediate node, which is trusted by the target device 106, is a serving subscription manager-secure routing (SM-SR). In addition, the secure execution environment will often be described as a UICC. This is but one example of many cases where the techniques described herein may be employed. For instance, these same techniques may be used by a bank that provisions smart cards for mobile banking, a utility company that provisions smart meters for tracking utility consumption, or a content delivery provider that provisions a target device such as a set-top box to receive content from multiple content sources, where the content is protected by a Digital Rights Management (DRM) mechanism or a Conditional Access System (CAS).
  • Communication networks 104 can include one or multiple communication networks, each represented by networks 104-1, 104-2, 104-3, 104-4, and 104-5, though the term network may be a simple path between nodes or comprise a complex combination of wired and/or wireless communication channels having multiple networks (e.g., cellular, wired, and wireless local area). While not required, network 104-5 is illustrated as a wireless network, as this last hop is often a wireless transmission.
  • The secure transport of the profile through the provisioning infrastructure may require multiple layers of encryption. For instance, an inner layer encryption takes place at a subscription manager data preparation node (SM-DP) to provide end-to-end (i.e, SM-DP to target device) protection. An outer layer encryption may be performed over various hops (i.e., SM-SR) of the infrastructure. The outer layer encryption over each hop will be removed by the SM-SR at the end of each hop. Over the last hop between the serving SM-SR and the UICC, the outer layer encryption is removed by a general downloader function within the UICC, while leaving the inner layer encryption to take place in a security domain that is designated for a specific profile and is cryptographically separate. In this way the clear profile from one application service provider is not exposed to any other parts of the UICC (e.g. a security domain belonging to another application service provider).
  • Generally, target device 106 receives the profile in packets that are transmitted through a node path 110. As part of the outer layer encryption process the packets have a cryptographic signature for each node along the required node path. FIG. 2 illustrates a packet 112 in simplified form, which has cryptographic signatures from each of the intermediate nodes 108 (“Int. #1 Sig.” etc.), as well as an end-to-end cryptographic signature (shown as “Source Sig.”), which is signed over the payload (e.g., sensitive data), which may also include a profile. While each of the intermediate nodes 108 may cryptographically sign a packet as part of the outer layer encryption process, a required path node can be verified, in some embodiments, without a signature from those of the intermediate nodes that are trusted.
    • Inner Layer Encryption
  • As previously mentioned, a problem may arise when inner layer encryption is employed to secure multiple profiles within a common secure execution environment. For purposes of illustration and not as a limitation on the subject matter described herein, the secure execution environment will be described as a Universal Integrated Circuit Card (UICC) that is embedded in a target device. Likewise, the ASP which provides the profile will be referred to as an MNO.
  • A simply way to address this problem is to have a public, private key pair (denoted as PLK_UICC and PVK_UICC, respectively) for each UICC. The SM_DP associated with each MNO will either encrypt the profile with the PLK_UICC directly or encrypt the profile with a symmetric profile-encryption-key (PEK) and then in turn encrypt the PEK with the PLK_UICC.
  • A problem with this approach is scalability. Even if the same PEK is used for the entire UICC population for a given MNO (which presents a security risk), the SM-DP associated with the given ASP may have to encrypt profiles for millions of UICCs. Thus, the SM-DP would need to have access to millions of PLK_UICCs prior to the provisioning process, which may create significant database problems, even if the keys could be addressed using the UICC identifier (UICC_ID). Furthermore, the UICC manufacturer would have to ship lists of public keys (i.e., lists specifying PLK_UICC) to each MNO that needs to provision the UICC. The key list may also need to be kept secure to avoid malicious provisioning.
  • This problem of scalability can be addressed if each MNO uses a global key pair for an entire population of UICCs such as all UICCs of a given model. The public and private keys in this global key pair may be denoted MNO_PLK_UICCM and MNO_PVK_UICCM, respectively. In this way each MNO's SM-DP can use the same key to encrypt a profile (or a PEK) for all UICCs of the same model, but different MNOs will use different key pairs. This approach can significantly simplify the profile preparation process since a database search for individual UICC-unique public keys (PLKs) is not necessary.
  • However, this approach may create storage problems for memory-constrained UICCs, especially if RSA key pairs are used. A UICC potentially may have to contain a large number of key pairs, particularly if it is going to be used in a geographic region with a large number of MNOs such as in Western Europe, for example. Furthermore, if pre-loaded RSA key pairs are used for each MNO, new MNOs for which an RSA key pair had not been pre-loaded in the UICC would be excluded from serving the target device in which the UICC is employed. While it is possible to preload a number of RSA key pairs in UICCs and later assign the key pairs to a new MNO as needed, ultimately the storage space in the UICC would determine the maximum number of operators that can be supported.
  • Another alternative approach is to use public key algorithms that allow a private key to be generated as a random value. An example of such a public key algorithm is Elliptic Curve Cryptography (ECC). In contrast to RSA key pairs, where the key generation process involves the search for prime numbers with specific properties, ECC private keys (PVK) only have to be within a specific range and, once the ECC PVK and the ECC curve are known, the ECC public key (PLK) can be generated simply by having knowledge of the PVK and the ECC curve.
  • To generate ECC private keys within the UICC, a private seed that is unique to each UICC can be loaded within each UICC. In some implementations the seed can be generated by the UICC manufacturer and loaded into the UICC within the UICC manufacturing facility such that once it is loaded it cannot be extracted and will only be known to the UICC manufacturer and the secure execution engine within the UICC. In one particular implementation a new ECC private key (MNO_ECC_PVKDEV) can be calculated as follows using as input a key generation function (KGF) and an MNO identifier (MNO_ID):
      • MNO_ECC_PVKDEV=KGF(private_seed, MNO_ID)
  • As previously mentioned, the corresponding ECC public key can be created from the ECC private key and the ECC curve.
  • In some cases, for a highly robust implementation a hardware key ladder may be implemented such that both the seed and the PVK cannot be exposed without hardware tampering. The KGF may be proprietary or a well-established function. For example, the KGF can be a standard MAC (Message Authentication Code) function such as HMAC-SHA1, HMAC-SHA256, AES-CMAC, and so on. The KGF should be chosen such that it generates a key of sufficient size which matches the Elliptic Curve parameters.
  • Since the UICC only needs to store the seed it is able to save significant storage space (in comparison to the amount of storage space needed to store multiple RSA PVKs for multiple MNOs as well as certificates for those MNOs). Using the seed and the MNO_ID, the UICC is able to generate the MNO_ECC_PVKDEV and then, using the ECC curve, the UICC is able to create the associated MNO_ECC_PLKDEV.
  • An MNO that intends to provision a population of UICCs with profiles contacts the UICC manufacturer or vendor for a list of key pairs that is specific to that MNO. Accordingly, the UICC manufacturer or vendor creates a private, public key pair (MNO_ECC_PVKDEV, MNO_ECC_PLKDEV) based on the private seeds and then sends the public key list (the list of MNO_ECC_PLKDEV) to the SM-DP associated with that MNO.
  • As an authentication measure, the list of public keys may be kept secret. If the key list were public, any party could use a public MNO_ECC_PLKDEV to encrypt an illegitimate profile and send it to a UICC. To avoid such an attack, the MNO SM-DP would have to sign the encrypted profile. However, the verification of this signature would require installation of MNO SM-DP certificates for every single MNO/SM-DP within the UICC, which would defeat the purpose of using ECC and private seeds for storage space optimization. Accordingly, by maintaining the public key list in secret the use of a signature can be avoided.
  • To be able to establish a profile encryption key (PEK) using ECC, a key agreement exchange may take place between the MNO SM-DP and each UICC. One example of a key exchange algorithm that may be employed is a Diffie-Hellman exchange (ECDH) algorithm. However, to avoid the delay and network traffic associated with a Diffie-Hellman exchange, the key generation process shown in FIG. 3 may be used to encrypt a profile using a key agreement exchange process performed by the MNO's SM-DP. As part of this process the SM-DP generates its own ECC private, public key pair (denoted MNO_ECC_PVKOP and MNO_ECC_PLKOP, respectively). This key pair may be unique for each UICC, a population of UICCs, or each ECDH process that is performed. The SM-DP will then use its own ECC private key (MNO_ECC_PVKOP) and the UICC public key (MNO_ECC_PLKDEV), which is provided by the public key list from UICC manufacturer or vender, to perform a local ECDH key agreement 410 and create the PEK 430 from a shared ECDH secret 420. In some cases a key size reduction process 440 may be performed when generating the PEK 430, depending on the key size that is needed to encrypt the profile. The SM-DP then uses the PEK to perform a symmetric key encryption process 450 to encrypt the profile for the UICC. Finally, the encrypted profile, along with the MNO device identifier (MNO_ID) and the MNO ECC public key (MNO_ECC_PLKOP) are delivered to the target device of the provisioning infrastructure shown in FIG. 1.
  • Once the UICC receives the inner layer encrypted profile it performs a decryption process to remove the inner layer encryption, as illustrated in FIG. 4. As shown, the UICC uses its private seed and the MNO identifier (MN_ID) to generate its own ECC private key (MNO_ECC_PVKDEV) using the pre-configured key generator function (KGF) 510. The UICC then creates the PEK to perform decryption. To create the PEK, the UICC uses the device ECC private key for this particular MNO (MNO_ECC_PVKDEV) and the MNO ECC public key (MNO_ECC_PLKOP) to perform a local DH key agreement process 520. As discussed above in connection with FIG. 3, the UICC can obtain the MNO ECC public key (MNO_ECC_PLKOP) from the MNO along with the encrypted data, especially in cases where the MNO uses a unique public key for each UICC. Alternatively, the MNO ECC public key may be obtained by the UICC through other means. For example, the MNO ECC public key may be pre-provisioned in the UICC. One potential downside to this approach is that the local DH key agreement process 520 may be considered as only half-authenticated since only the MNO_ECCPLKDEV is authenticated (since the UICC public key is provided as part of a key list that is signed by the manufacturer), while MNO_ECC_PLKOP is not authenticated by the UICC, unless the SM-DP uses a signature and an ECC certificate to prove the authenticity of the MNO_ECC_PLKOP.
  • The local ECDH key agreement process 520 creates the PEK 530 from a shared ECDH secret 540. In some cases a key size reduction process 550 may be performed when generating the PEK 530, depending on the key size that is needed to encrypt the profile. The UICC then uses the PEK 530 to perform a symmetric key decryption process 560 to decrypt the profile, which is stored in secure storage device 570 associated with the UICC.
  • One advantage of the provisioning process described above is that a priori knowledge of the MNOs that may need to interact with the UICC is not needed when the UICC is manufactured. This allows the business ecosystem within which the UICC is used to be extended in a flexible manner. In essence, there is practically no limit on the number of MNOs the ecosystem can support. In practice the limit will be determined by the number of key pairs that can be generated from the ECC curve, which is a very large number compared to the possible number of MNOs.
  • A potential downside to this provisioning process, however, is that the UICC manufacturer needs to create a unique private seed for each UICC and then store the seeds in a seed list. Alternatively, all MNOs could agree to use a common Root Certificate Authority (CA) and sign their encrypted profiles using a certificate that chains to this common Root CA. While this would address the problem, in practice it can be difficult to establish a common business and legal entity that would function as a Root Certificate Authority.
  • Instead of using a unique private seed for each UICC, another solution is to use a global private seed for a population of UICC models and then use the UICC identifier (UICC_ID) in the calculation of the ECC private key for each UICC. That is, the private key MNO_ECC_PVKDEV for each UICC may be generated using a key generation function (KGF) as follows:
      • MNO_ECC_PVKDEV=KGF(UICCM_private_seed, UICC_ID, MNO_ID)
  • A weakness of this alternative approach is that if the private_seed for a particular UICC model is exposed, then the entire population of UICCs will be compromised for all the MNOs involved.
  • It should be noted that the UICC does not need to calculate the public key for the MNO, since it only needs to decrypt the profile encrypted by MNO's SM-DP. The public key list for each MNO may be signed by the UICC manufacturer or vendor prior to shipment to the MNO's SM-DP. In addition, the public key list may need to be encrypted in order to keep it secret. One downside to this solution is that the UICC manufacturer or vendor is fully trusted with both the private and public key pairs and thus plays a significant trusted role in the ecosystem. This is, however, also the case with existing UICC vendors.
  • The encryption algorithm described above employs Elliptic Curve Cryptography (ECC) as the public key agreement algorithm which is used to randomly generate a private key. Of course, other public key agreement algorithm may be employed instead. For instance, in one implementation an alternative key agreement algorithm that may be employed is the Diffie-Hellman algorithm where the private key MNO_ECC_PVKDEV may be random and the public key is generated using:
      • MNO_ECC_PLKDEV=gMNO ECC PVKDEVmod p
        where g is called a generator and p is a large prime number, typically at least 1024 bits long. This algorithm may be used instead of the ECC algorithm described above in connection with the encryption and decryption processes shown in FIGS. 3 and 4, respectively.
  • It should also be noted that an MNO-specific boot code may be provided along with, or as a part of, the profile. In either case the boot code may be encrypted along with the profile itself. In such a case the UICC may use the PEK to decrypt both the boot code and the profile, possibly in the same step.
    • Replay Protection
  • In some cases it may be undesirable to allow the same encrypted profile to be retransmitted to the same target device without permission. However, there may be legitimate reasons to change the profile of a target device and thus a cryptographic enforcement technique may be employed to prevent retransmission of an old profile. One such enforcement technique may employ a random value (i.e., a nonce) that is included in a message sent to the MNO by the target device requesting a profile. The reply to the target device should include both the encrypted profile and the random value encrypted together with that profile. When the target device later decrypts the profile, it verifies that the random value matches the value included in the request message. If there is no match, it disregards the profile.
  • This cryptographic enforcement technique requires two-way communication between the target device and the MNO. However, some target devices may only be capable of receiving a broadcast or a multicast and have no way to send a request to the MNO. In this case, the MNO can include either a sequence number or a timestamp within the encrypted profile. A target device can persistently store this value and ensure that each successive profile update contains either a nonce or a timestamp that is greater than the previously received value.
    • Example Target Device
  • FIG. 5 illustrates one example of target device 106. Target device 106 can be one or a combination of various devices, here illustrated with six examples: a smartphone 106-1, a laptop computer 106-2, a television 106-3, a desktop computer 106-4, and a tablet computer 106-5, though other computing devices and systems, such as netbooks, car navigation systems, and servers may also be used.
  • Target device 106 includes a processor 602 for carrying out processing functions associated with one or more of components and functions described herein. Processor 602 can include a single or multiple set of processors or multi-core processors. Moreover, processor 602 can be implemented as an integrated processing system and/or a distributed processing system. Furthermore, processor 602 may house, execute, and/or process instructions related to reading and writing information to and from the target device 106 and/or the components contained therein. For example, in an aspect, processor 602 may generate and send instructions to the UICC 614, cache 620, or memory 604 in the target device 106 to cause a cache to be written to or updated with information that has been read from the UICC 614. Moreover, processor 602 may generate and send commands to a power management component on the target device.
  • Target device 106 further includes a memory 604, such as a computer-readable storage medium for storing data used herein and/or local versions of applications being executed by processor 602. Memory 604 can include any type of memory usable by a computer, such as random access memory (RAM), read only memory (ROM), tapes, magnetic discs, optical discs, volatile memory, non-volatile memory, and any combination thereof.
  • Further, target device 106 includes a communications component 606 that provides for establishing and maintaining communications with one or more parties utilizing hardware, software, and services as described herein. Communications component 606 may carry communications between components on target device 106, as well as between target device 106 and external devices, such as devices located across a communications network and/or devices serially or locally connected to target device 106. For example, communications component 606 may include one or more buses, and may further include transmit chain components and receive chain components associated with a transmitter and receiver, respectively, operable for interfacing with external devices.
  • Additionally, target device 106 may include a data store 608, which can be any suitable combination of hardware and/or software, that provides for mass storage of information, databases, and programs employed in connection with aspects described herein. For example, data store 608 may be a data repository for applications not currently being executed by processor 602.
  • Target device 106 may additionally include a user interface component 610 operable to receive inputs from a user of target device 106, and further operable to generate outputs for presentation to the user. User interface component 610 may include one or more input devices, including but not limited to a keyboard, a number pad, a mouse, a touch-sensitive display, a navigation key, a function key, a microphone, a voice recognition component, any other mechanism capable of receiving an input from a user, or any combination thereof. Further, user interface component 610 may include one or more output devices, including but not limited to a display, a speaker, a haptic feedback mechanism, a printer, any other mechanism capable of presenting an output to a user, or any combination thereof.
  • Target device 106 also includes a UICC 614, which may contain subscription, connection, or other information related to wireless communication with a wireless network. In some examples, UICC 614 may be removable, meaning that it may be detached from the target device 106 if removal is needed. In a further aspect, UICC 614 may store personal data for a user. Additionally, the UICC may contain a subscriber identity module (SIM) application, a universal subscriber identity module (USIM), and/or a CDMA subscriber identity module (CSIM) application for network authentication purposes. In some aspects, UICC 614 may contain a removable user identity module (R-UIM), or may itself be referred to as an R-UIM. In some examples, UICC 614 may include an internal central processing unit (CPU), random access memory (RAM), read-only memory (ROM), electrically-erasable programmable read only memory (EEPROM), other non-volatile or volatile memory, and/or input/output circuitry. Additionally, the UICC may contain information related to radio access networks utilizing several access technologies and/or communication protocols, such as, but not limited to, Global System for Mobile Communication (GSM), Enhanced Data Rates for GSM Evolution (EDGE), Universal Mobile Telecommunications System (UMTS), High Speed Packet Access (HSPA), Long Term Evolution (LTE), LTE Advanced, or any other high-speed data packet network access technology, including those access technologies that are part of the 4G access technology family.
  • Target device 106 may include a power management component 612 for switching power to UICC 514 on and off. Power management component 612 may receive instructions for switching power to the UICC 614 on and off from processor 602 or any other component in target device 106 and/or components external to target device 106, such as network components.
  • Target device 106 may include a nonvolatile memory (NV) component 618. In an aspect, the NV may contain subscription, connection, or any information related to establishing a connection with a wireless network or authenticating a user to such a network. By non-limiting example, such a wireless network may utilize an access technology and/or communication protocol or standard such as, but not limited to, CDMA2000 1× (IS-2000), 1×, 1×RTT, CDMA2000, and/or 1×EV-DO (Evolution-Data Optimized), also known as EV-DO or EV, or any other access technology that is part of the 3G access technology family.
  • Target device 106 may contain a cache 620, which may store information recently read from UICC 614. Cache 620 may include memory for storing such information, which may any type of memory usable by a computer, such as RAM, ROM, EEPROM, tapes, magnetic discs, optical discs, volatile memory, a general non-volatile memory. In an aspect, cache 620 may include NV 618, and therefore may store contain subscription, connection, or any information related to establishing a connection with a wireless network or authenticating a user to such a network. Again, by non-limiting example, such a wireless network may utilize an access technology and/or communication protocol or standard such as, but not limited to, CDMA2000 1× (IS-2000), 1×, 1×RTT, CDMA2000, and/or 1×EV-DO (Evolution-Data Optimized), also known as EV-DO or EV, or any other access technology that is part of the 3G access technology family. Additionally, because it may contain subscription information read from UICC 614 in the past, cache 620 may include information stored on the UICC 614, such as, but not limited to information related to radio access networks utilizing several access technologies and/or communication protocols, such as, but not limited to, Global System for Mobile Communication (GSM), Enhanced Data Rates for GSM Evolution (EDGE), Universal Mobile Telecommunications System (UMTS), High Speed Packet Access (HSPA), Long Term Evolution (LTE), LTE Advanced, or any other high-speed data packet network access technology, including those access technologies that are part of the 4G access technology family.
  • As previously mentioned, instead of a UICC, the target device 106 may include other forms of embedded chips, various trusted environments, or even movable or non-embedded cards, such as SIM cards.
    • Example Node
  • FIG. 6 shows one example of a computing device 800 that may be employed as a node (e.g., source node 102 and/or intermediate nodes 108 of FIG. 1) in the provisioning infrastructure of FIG. 1. Computing device 800 can be integrated with electronic circuitry, a microprocessor, memory, input-output (I/O) logic control, communication interfaces and components, other hardware, firmware, and/or software needed to run an entire device. Computing device 800 can also include an integrated data bus (not shown) that couples the various components of the computing device for data communication between the components.
  • Computing device 800 includes various components such as an input-output (I/O) logic control 802, microprocessor(s) 804 (e.g., a microcontroller or digital signal processor), operating system 808 and communications interface 812. Computing device 800 also includes a memory 806, which can be any type of random access memory (RAM), a low-latency nonvolatile memory (e.g., flash memory), read only memory (ROM), and/or other suitable electronic data storage. Memory 806 includes or has access to encryption module 810, which may be used to perform inner and/or outer encryption.
  • Computing device 800 can also include various firmware and/or software, such as an operating system 808, which, along with other components, can be computer-executable instructions maintained by memory 806 and executed by microprocessor 804. Computing device 800 can also include other various communication interfaces 810 and components, wireless LAN (WLAN) or wireless PAN (WPAN) components, other hardware, firmware, and/or software.
  • Other example capabilities and functions of these modules and components are described with reference to components shown in FIGS. 1, 2, and 3. These modules and components, either independently or in combination with other modules or components, can be implemented as computer-executable instructions maintained by memory 806 and executed by microprocessor 804 to implement various embodiments and/or features described herein. Alternatively or additionally, any or all of these components can be implemented as hardware, firmware, fixed logic circuitry, or any combination thereof that is implemented in connection with the I/O logic control 802 and/or other signal processing and control circuits of example device 800. Furthermore, some of these components may act separate from device 800.
  • Although the invention has been described in language specific to structural features and/or methodological acts, it is to be understood that the invention defined in the appended claims is not necessarily limited to the specific features or acts described. Rather, the specific features and acts are disclosed as example forms of implementing the claimed invention.

Claims (24)

1. A method for providing end-to-end security for transport of a profile to a target device over at least one communications network that includes a plurality of nodes, the method comprising:
encrypting the profile between the target device and an initial node of the network through which the profile is transported, the encryption being an end-to-end inner layer encryption performed prior to hop-to-hop encryption, the encrypting using a public key of a public, private key pair, the private key being derivable from a seed securely provisioned in the target device using a public key algorithm; and
causing the encrypted profile to be transmitted over the at least one communications network to the target device.
2. The method of claim 1 wherein the seed is unique to a secure element located in the target device.
3. The method of claim 1 wherein the public key algorithm is based on Elliptic Curve Cryptography (ECC), the public key being derivable from the private key and an ECC curve.
4. The method of claim 2 wherein the private key is derivable from the seed and an identifier associated with a manufacturer or vendor of the secure element.
5. The method of claim 1 wherein the seed is common to particular population of secure elements.
6. The method of claim 3 wherein the public key algorithm is implemented using hardware.
7. The method of claim 4 further comprising maintaining in secret a list of public keys that includes the public key of the public, private key pair, the list of public keys being received by a service provider delivering at least one service to a plurality of target devices in which a plurality of secure elements are respectively located, the list of public keys being received from the manufacturer or vendor of the plurality of secure elements.
8. The method of claim 7 wherein the list of public keys is digitally signed by the manufacturer or vendor.
9. The method of claim 1 further comprising:
generating an ECC key pair associated with a service provider delivering at least one service to the target device;
using an ECC private key in the ECC key pair and the public key of the public, private key pair to perform a local Diffie-Hellman (DH) exchange to create a profile encryption key that is used to encrypt the profile.
10. The method of claim 9 wherein the ECC key pair is unique to a particular population of secure elements respectively located in a population of target devices.
11. The method of claim 9 wherein the ECC public key in the ECC key pair is pre-provisioned in the target device.
12. The method of claim 9 wherein the ECC public key in the ECC key pair is transmitted to the target device along with the encrypted profile.
13. The method of claim 1 wherein the public key algorithm is based on a DH algorithm.
14. The method of claim 1 further comprising:
receiving a request for the profile from the target device, the request including a nonce;
encrypting the nonce with the profile; and
causing the encrypted profile and the encrypted nonce to be transmitted over the at least one communications network to the target device.
15. The method of claim 1 wherein the encrypted profile includes a timestamp or a sequence number.
16. The method of claim 1 wherein the profile is encrypted by a mobile network provider and the seed is located in a secure element in the target device.
17. The method of claim 16 wherein the secure element is a Universal Integrated Circuit Card (UICC).
18. A computer readable storage medium encoded with computer executable instructions which, when executed by a processor, performs a method for decrypting a profile transmitted to a target device in a secure manner by a service provider over a communications network, comprising:
receiving an encrypted rendition of the profile over the communications network;
accessing a seed securely provisioned in the target device;
deriving a first private key of a first public, private key pair from the seed;
obtaining a second public key in a second public, private key pair associated with the service provider;
using the second public key and the first private key derived from the seed to perform a local DH exchange to create a symmetric key; and
decrypting the encrypted rendition of the profile using the symmetric key.
19. The computer readable storage medium of claim 18 wherein the second public, private key pair is generated using an ECC algorithm.
20. The computer readable storage medium of claim 18 further comprising obtaining the second public key from the service provider over the communications network.
21. The computer readable storage medium of claim 18 wherein the seed is unique to a secure element located in the target device.
22. The computer readable storage medium of claim 18 wherein the seed is common to a particular population of secure elements respectively located in a population of target devices.
23. The computer readable storage medium of claim 22 further comprising deriving the first private key of the first public, private key pair using the seed and an identifier associated with a manufacturer or vendor of the secure elements.
24. The computer readable storage medium of claim 22 further comprising deriving the first private key of the first public private key pair using the seed, a first identifier associated with a manufacturer or vendor of the secure elements and a second identifier associated with the secure element in the target device.
US13/859,580 2012-09-17 2013-04-09 Efficient key generator for distribution of sensitive material from mulitple application service providers to a secure element such as a universal integrated circuit card (uicc) Abandoned US20140082358A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/US2013/035842 WO2014042701A1 (en) 2012-09-17 2013-04-09 Efficient key generator for distribution of sensitive material from mulitple application service providers to a secure element such as a universal integrated circuit card (uicc)
US13/859,580 US20140082358A1 (en) 2012-09-17 2013-04-09 Efficient key generator for distribution of sensitive material from mulitple application service providers to a secure element such as a universal integrated circuit card (uicc)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201261702192P 2012-09-17 2012-09-17
US13/859,580 US20140082358A1 (en) 2012-09-17 2013-04-09 Efficient key generator for distribution of sensitive material from mulitple application service providers to a secure element such as a universal integrated circuit card (uicc)

Publications (1)

Publication Number Publication Date
US20140082358A1 true US20140082358A1 (en) 2014-03-20

Family

ID=50275741

Family Applications (3)

Application Number Title Priority Date Filing Date
US13/859,580 Abandoned US20140082358A1 (en) 2012-09-17 2013-04-09 Efficient key generator for distribution of sensitive material from mulitple application service providers to a secure element such as a universal integrated circuit card (uicc)
US13/865,078 Active 2033-08-24 US9210138B2 (en) 2012-09-17 2013-04-17 Efficient key generator for distribution of sensitive material from multiple application service providers to a secure element such as a universal integrated circuit card (UICC)
US14/741,719 Active US9485230B2 (en) 2012-09-17 2015-06-17 Efficient key generator for distribution of sensitive material from multiple application service providers to a secure element such as a universal integrated circuit card (UICC)

Family Applications After (2)

Application Number Title Priority Date Filing Date
US13/865,078 Active 2033-08-24 US9210138B2 (en) 2012-09-17 2013-04-17 Efficient key generator for distribution of sensitive material from multiple application service providers to a secure element such as a universal integrated circuit card (UICC)
US14/741,719 Active US9485230B2 (en) 2012-09-17 2015-06-17 Efficient key generator for distribution of sensitive material from multiple application service providers to a secure element such as a universal integrated circuit card (UICC)

Country Status (2)

Country Link
US (3) US20140082358A1 (en)
WO (1) WO2014042701A1 (en)

Cited By (40)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150180653A1 (en) * 2013-09-10 2015-06-25 John A. Nix Module for "Machine-to-Machine" Communications using Public Key Infrastructure
WO2015167798A1 (en) * 2014-04-29 2015-11-05 Qualcomm Incorporated A remote station for deriving a derivative key in a system-on-a-chip device
WO2016013827A1 (en) * 2014-07-19 2016-01-28 Samsung Electronics Co., Ltd. Method and device for embedded sim provisioning
DE102015208176A1 (en) * 2015-05-04 2016-03-24 Siemens Aktiengesellschaft Device and method for authorizing a private cryptographic key in a device
US20160134318A1 (en) * 2014-09-17 2016-05-12 Simless, Inc. Apparatuses, methods and systems for implementing a system-on-chip with integrated reprogrammable cellular network connectivity
US9351162B2 (en) 2013-11-19 2016-05-24 M2M And Iot Technologies, Llc Network supporting two-factor authentication for modules with embedded universal integrated circuit cards
WO2016168203A1 (en) * 2015-04-15 2016-10-20 Good Technology Corporation Method of operating a computing device, computing device and computer program
WO2016191176A1 (en) 2015-05-22 2016-12-01 Nix John A Cryptographic unit for public key infrastructure (pki) operations
EP3151593A1 (en) * 2015-09-30 2017-04-05 Apple Inc. Pre-personalization of electronic subscriber identity modules
US9635003B1 (en) * 2015-04-21 2017-04-25 The United States Of America As Represented By The Director, National Security Agency Method of validating a private-public key pair
CN106843979A (en) * 2017-01-24 2017-06-13 北京经纬恒润科技有限公司 The update method and device of a kind of application program
CN107276748A (en) * 2017-06-01 2017-10-20 贵州师范大学 A kind of keyless entry of automobile and the key derivation process of activation system
EP3297309A4 (en) * 2015-04-13 2018-04-18 Samsung Electronics Co., Ltd. Technique for managing profile in communication system
EP3219044A4 (en) * 2014-11-11 2018-06-27 Intel Corporation Technologies for trusted device on-boarding
EP3048776B1 (en) * 2015-01-22 2018-07-04 Nxp B.V. Methods for managing content, computer program products and secure element
US20190052610A1 (en) * 2017-08-11 2019-02-14 Honeywell International Inc. Apparatus and method for encapsulation of profile certificate private keys or other data
US20190097794A1 (en) * 2013-11-19 2019-03-28 Network-1 Technologies, Inc. Key Derivation for a Module Using an Embedded Universal Integrated Circuit Card
EP3531667A1 (en) * 2018-02-26 2019-08-28 Deutsche Telekom AG Establishment of communication functions for participant identity modules
US10484376B1 (en) 2015-01-26 2019-11-19 Winklevoss Ip, Llc Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
US10498530B2 (en) 2013-09-27 2019-12-03 Network-1 Technologies, Inc. Secure PKI communications for “machine-to-machine” modules, including key derivation by modules and authenticating public keys
US10516990B2 (en) 2014-09-17 2019-12-24 Simless, Inc. Apparatuses, methods and systems for implementing a trusted subscription management platform
US10652014B2 (en) 2016-02-23 2020-05-12 nChain Holdings Limited Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
US10659223B2 (en) 2016-02-23 2020-05-19 nChain Holdings Limited Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with a wallet management system
US10715336B2 (en) 2016-02-23 2020-07-14 nChain Holdings Limited Personal device security using elliptic curve cryptography for secret sharing
CN112219416A (en) * 2018-06-13 2021-01-12 基根(英国)有限公司 Techniques for authenticating data transmitted over a cellular network
CN112583787A (en) * 2019-09-30 2021-03-30 意法半导体有限公司 Apparatus and method for encryption
US11082406B2 (en) * 2018-11-29 2021-08-03 Secret Double Octopus Ltd System and method for providing end-to-end security of data and metadata
US11120437B2 (en) 2016-02-23 2021-09-14 nChain Holdings Limited Registry and automated management method for blockchain-enforced smart contracts
US11126976B2 (en) 2016-02-23 2021-09-21 nChain Holdings Limited Method and system for efficient transfer of cryptocurrency associated with a payroll on a blockchain that leads to an automated payroll method and system based on smart contracts
US11172352B2 (en) 2014-09-17 2021-11-09 Gigsky, Inc. Apparatuses, methods, and systems for configuring a trusted java card virtual machine using biometric information
US11182782B2 (en) 2016-02-23 2021-11-23 nChain Holdings Limited Tokenisation method and system for implementing exchanges on a blockchain
US11194898B2 (en) 2016-02-23 2021-12-07 nChain Holdings Limited Agent-based turing complete transactions integrating feedback within a blockchain system
US11308486B2 (en) 2016-02-23 2022-04-19 nChain Holdings Limited Method and system for the secure transfer of entities on a blockchain
US11373152B2 (en) 2016-02-23 2022-06-28 nChain Holdings Limited Universal tokenisation system for blockchain-based cryptocurrencies
US11410145B2 (en) 2016-02-23 2022-08-09 nChain Holdings Limited Blockchain-implemented method for control and distribution of digital content
US11455378B2 (en) 2016-02-23 2022-09-27 nChain Holdings Limited Method and system for securing computer software using a distributed hash table and a blockchain
US11606219B2 (en) 2016-02-23 2023-03-14 Nchain Licensing Ag System and method for controlling asset-related actions via a block chain
US11606685B2 (en) 2014-09-17 2023-03-14 Gigsky, Inc. Apparatuses, methods and systems for implementing a trusted subscription management platform
US11625694B2 (en) 2016-02-23 2023-04-11 Nchain Licensing Ag Blockchain-based exchange with tokenisation
US11727501B2 (en) 2016-02-23 2023-08-15 Nchain Licensing Ag Cryptographic method and system for secure extraction of data from a blockchain

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9906372B2 (en) 2013-06-03 2018-02-27 Intel Deutschland Gmbh Authentication devices, key generator devices, methods for controlling an authentication device, and methods for controlling a key generator
KR102311027B1 (en) * 2014-08-14 2021-10-08 삼성전자 주식회사 A method and apparatus for profile downloading of group devices
US10187363B2 (en) 2014-12-31 2019-01-22 Visa International Service Association Hybrid integration of software development kit with secure execution environment
US10355854B2 (en) * 2015-12-17 2019-07-16 Intel Corporation Privacy preserving group formation with distributed content key generation
US10482621B2 (en) * 2016-08-01 2019-11-19 Cognex Corporation System and method for improved scoring of 3D poses and spurious point removal in 3D image data
US10531950B2 (en) * 2016-11-16 2020-01-14 Tatvum LLC Intraocular lens having an extended depth of focus
US11210678B2 (en) * 2016-11-18 2021-12-28 Samsung Electronics Co., Ltd. Component for provisioning security data and product including the same
US10237063B2 (en) * 2016-12-13 2019-03-19 Nxp B.V. Distributed cryptographic key insertion and key delivery
KR102382851B1 (en) * 2017-07-04 2022-04-05 삼성전자 주식회사 Apparatus and methods for esim device and server to negociate digital certificates
CN108322442A (en) * 2017-12-29 2018-07-24 广州雅广信息科技有限公司 A kind of special line encrypted authentication system
US11063753B2 (en) * 2019-03-20 2021-07-13 Arris Enterprises Llc Secure distribution of device key sets over a network
KR20210055387A (en) 2019-11-07 2021-05-17 삼성전자주식회사 Context based application providing server and controlling method thereof
US11368292B2 (en) 2020-07-16 2022-06-21 Salesforce.Com, Inc. Securing data with symmetric keys generated using inaccessible private keys
JP2023534970A (en) * 2020-07-16 2023-08-15 セールスフォース,インコーポレイティッド Securing data using key agreement
US11522686B2 (en) 2020-07-16 2022-12-06 Salesforce, Inc. Securing data using key agreement
US11792003B2 (en) * 2020-09-29 2023-10-17 Vmware, Inc. Distributed storage system and method of reusing symmetric keys for encrypted message transmissions

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020018569A1 (en) * 1998-12-04 2002-02-14 Prakash Panjwani Enhanced subscriber authentication protocol

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6178506B1 (en) * 1998-10-23 2001-01-23 Qualcomm Inc. Wireless subscription portability
GB2407948B (en) * 2003-11-08 2006-06-21 Hewlett Packard Development Co Smartcard with cryptographic functionality and method and system for using such cards
US7266198B2 (en) * 2004-11-17 2007-09-04 General Instrument Corporation System and method for providing authorized access to digital content
US7636783B2 (en) * 2004-12-06 2009-12-22 Microsoft Corporation Trial-before-purchase subscription game infrastructure for peer-peer networks
US7945653B2 (en) * 2006-10-11 2011-05-17 Facebook, Inc. Tagging digital media
SG147345A1 (en) * 2007-05-03 2008-11-28 Ezypay Pte Ltd System and method for secured data transfer over a network from a mobile device
US8516133B2 (en) * 2008-02-07 2013-08-20 Telefonaktiebolaget Lm Ericsson (Publ) Method and system for mobile device credentialing
US20100150343A1 (en) * 2008-12-15 2010-06-17 Nxp B.V. System and method for encrypting data based on cyclic groups
US8971530B2 (en) * 2009-06-24 2015-03-03 Intel Corporation Cryptographic key generation using a stored input value and a stored count value
GB2481587B (en) * 2010-06-28 2016-03-23 Vodafone Ip Licensing Ltd Authentication
EP2461613A1 (en) * 2010-12-06 2012-06-06 Gemalto SA Methods and system for handling UICC data
US8949586B2 (en) * 2011-10-06 2015-02-03 Cisco Technology, Inc. System and method for authenticating computer system boot instructions during booting by using a public key associated with a processor and a monitoring device
US9049022B2 (en) * 2012-04-27 2015-06-02 Certicom Corp. Hashing prefix-free values in a certificate scheme

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020018569A1 (en) * 1998-12-04 2002-02-14 Prakash Panjwani Enhanced subscriber authentication protocol

Cited By (117)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10187206B2 (en) * 2013-09-10 2019-01-22 Network-1 Technologies, Inc. Key derivation for a module using an embedded universal integrated circuit card
US9288059B2 (en) 2013-09-10 2016-03-15 M2M And Iot Technologies, Llc Secure PKI communications for “machine-to-machine” modules, including key derivation by modules and authenticating public keys
US20150180653A1 (en) * 2013-09-10 2015-06-25 John A. Nix Module for "Machine-to-Machine" Communications using Public Key Infrastructure
US9300473B2 (en) * 2013-09-10 2016-03-29 M2M And Iot Technologies, Llc Module for “machine-to-machine” communications using public key infrastructure
US9319223B2 (en) 2013-09-10 2016-04-19 M2M And Iot Technologies, Llc Key derivation for a module using an embedded universal integrated circuit card
US20210184846A1 (en) * 2013-09-10 2021-06-17 Network-1 Technologies, Inc. Set of Servers for "Machine-to-Machine" Communications Using Public Key Infrastructure
US11258595B2 (en) 2013-09-10 2022-02-22 Network-1 Technologies, Inc. Systems and methods for “Machine-to-Machine” (M2M) communications between modules, servers, and an application using public key infrastructure (PKI)
US11283603B2 (en) * 2013-09-10 2022-03-22 Network-1 Technologies, Inc. Set of servers for “machine-to-machine” communications using public key infrastructure
US9350550B2 (en) 2013-09-10 2016-05-24 M2M And Iot Technologies, Llc Power management and security for wireless modules in “machine-to-machine” communications
US20160234020A1 (en) * 2013-09-10 2016-08-11 M2M And Lot Technologies, Llc Key Derivation for a Module Using an Embedded Universal Integrated Circuit Card
US10652017B2 (en) * 2013-09-10 2020-05-12 Network-1 Technologies, Inc. Set of servers for “machine-to-machine” communications using public key infrastructure
US11539681B2 (en) * 2013-09-10 2022-12-27 Network-1 Technologies, Inc. Network supporting two-factor authentication for modules with embedded universal integrated circuit cards
US10530575B2 (en) 2013-09-10 2020-01-07 Network-1 Technologies, Inc. Systems and methods for “machine-to-machine” (M2M) communications between modules, servers, and an application using public key infrastructure (PKI)
US10523432B2 (en) 2013-09-10 2019-12-31 Network-1 Technologies, Inc. Power management and security for wireless modules in “machine-to-machine” communications
US9998281B2 (en) 2013-09-10 2018-06-12 Network-1 Technologies, Inc. Set of servers for “machine-to-machine” communications using public key infrastructure
US9276740B2 (en) 2013-09-10 2016-03-01 M2M And Iot Technologies, Llc Systems and methods for “machine-to-machine” (M2M) communications between modules, servers, and an application using public key infrastructure (PKI)
US9596078B2 (en) 2013-09-10 2017-03-14 M2M And Iot Technologies, Llc Set of servers for “machine-to-machine” communications using public key infrastructure
US11973863B2 (en) * 2013-09-10 2024-04-30 Network-1 Technologies, Inc. Set of servers for “machine-to-machine” communications using public key infrastructure
US10250386B2 (en) 2013-09-10 2019-04-02 Network-1 Technologies, Inc. Power management and security for wireless modules in “machine-to-machine” communications
US9641327B2 (en) 2013-09-10 2017-05-02 M2M And Iot Technologies, Llc Systems and methods for “machine-to-machine” (M2M) communications between modules, servers, and an application using public key infrastructure (PKI)
US11606204B2 (en) 2013-09-10 2023-03-14 Network-1 Technologies, Inc. Systems and methods for “machine-to-machine” (M2M) communications between modules, servers, and an application using public key infrastructure (PKI)
US9998280B2 (en) 2013-09-10 2018-06-12 Network-1 Technologies, Inc. Secure PKI communications for “machine-to-machine” modules, including key derivation by modules and authenticating public keys
US10177911B2 (en) 2013-09-10 2019-01-08 Network-1 Technologies, Inc. Secure PKI communications for “machine-to-machine” modules, including key derivation by modules and authenticating public keys
US9698981B2 (en) 2013-09-10 2017-07-04 M2M And Iot Technologies, Llc Power management and security for wireless modules in “machine-to-machine” communications
US20180262329A1 (en) * 2013-09-10 2018-09-13 Network-1 Technologies, Inc. Set of Servers for "Machine-to-Machine" Communications Using Public Key Infrastructure
US9742562B2 (en) * 2013-09-10 2017-08-22 M2M And Iot Technologies, Llc Key derivation for a module using an embedded universal integrated circuit card
US10057059B2 (en) 2013-09-10 2018-08-21 Network-1 Technologies, Inc. Systems and methods for “machine-to-machine” (M2M) communications between modules, servers, and an application using public key infrastructure (PKI)
US20170373845A1 (en) * 2013-09-10 2017-12-28 M2M And Lot Technologies, Llc Key Derivation for a Module Using an Embedded Universal Integrated Circuit Card
US10003461B2 (en) 2013-09-10 2018-06-19 Network-1 Technologies, Inc. Power management and security for wireless modules in “machine-to-machine” communications
US10498530B2 (en) 2013-09-27 2019-12-03 Network-1 Technologies, Inc. Secure PKI communications for “machine-to-machine” modules, including key derivation by modules and authenticating public keys
US20230379148A1 (en) * 2013-11-19 2023-11-23 Network-1 Technologies, Inc. Key Derivation for a Module Using an Embedded Universal Integrated Circuit Card
US9961060B2 (en) 2013-11-19 2018-05-01 Network-1 Technologies, Inc. Embedded universal integrated circuit card supporting two-factor authentication
US11082218B2 (en) * 2013-11-19 2021-08-03 Network-1 Technologies, Inc. Key derivation for a module using an embedded universal integrated circuit card
US20210351923A1 (en) * 2013-11-19 2021-11-11 Network-1 Technologies, Inc. Key Derivation for a Module Using an Embedded Universal Integrated Circuit Card
US9351162B2 (en) 2013-11-19 2016-05-24 M2M And Iot Technologies, Llc Network supporting two-factor authentication for modules with embedded universal integrated circuit cards
US11736283B2 (en) * 2013-11-19 2023-08-22 Network-1 Technologies, Inc. Key derivation for a module using an embedded universal integrated circuit card
US10700856B2 (en) * 2013-11-19 2020-06-30 Network-1 Technologies, Inc. Key derivation for a module using an embedded universal integrated circuit card
US20190097794A1 (en) * 2013-11-19 2019-03-28 Network-1 Technologies, Inc. Key Derivation for a Module Using an Embedded Universal Integrated Circuit Card
US10594679B2 (en) 2013-11-19 2020-03-17 Network-1 Technologies, Inc. Network supporting two-factor authentication for modules with embedded universal integrated circuit cards
US10362012B2 (en) * 2013-11-19 2019-07-23 Network-1 Technologies, Inc. Network supporting two-factor authentication for modules with embedded universal integrated circuit cards
US11916893B2 (en) 2013-12-06 2024-02-27 Network-1 Technologies, Inc. Embedded universal integrated circuit card supporting two-factor authentication
US11233780B2 (en) 2013-12-06 2022-01-25 Network-1 Technologies, Inc. Embedded universal integrated circuit card supporting two-factor authentication
US10382422B2 (en) 2013-12-06 2019-08-13 Network-1 Technologies, Inc. Embedded universal integrated circuit card supporting two-factor authentication
CN106256103A (en) * 2014-04-29 2016-12-21 高通股份有限公司 For deriving the distant station of the derivative key in system on chip devices
JP2017517192A (en) * 2014-04-29 2017-06-22 クアルコム,インコーポレイテッド Remote station for deriving derived keys in system-on-chip devices
WO2015167798A1 (en) * 2014-04-29 2015-11-05 Qualcomm Incorporated A remote station for deriving a derivative key in a system-on-a-chip device
US9705546B2 (en) 2014-07-19 2017-07-11 Samsung Electronics Co., Ltd Method and device for embedded SIM provisioning
WO2016013827A1 (en) * 2014-07-19 2016-01-28 Samsung Electronics Co., Ltd. Method and device for embedded sim provisioning
US10631160B2 (en) 2014-09-17 2020-04-21 Simless, Inc. Apparatuses, methods and systems for virtualizing a reprogrammable universal integrated circuit chip
US10516990B2 (en) 2014-09-17 2019-12-24 Simless, Inc. Apparatuses, methods and systems for implementing a trusted subscription management platform
US10278062B2 (en) * 2014-09-17 2019-04-30 Simless, Inc. Apparatuses, methods and systems for implementing a system-on-chip with integrated reprogrammable cellular network connectivity
US20160134318A1 (en) * 2014-09-17 2016-05-12 Simless, Inc. Apparatuses, methods and systems for implementing a system-on-chip with integrated reprogrammable cellular network connectivity
US9949111B2 (en) 2014-09-17 2018-04-17 Simless, Inc. Apparatuses, methods and systems for interfacing with a trusted subscription management platform
US10075841B2 (en) 2014-09-17 2018-09-11 Simless, Inc. Apparatuses, methods and systems for implementing a trusted subscription management platform
US11172352B2 (en) 2014-09-17 2021-11-09 Gigsky, Inc. Apparatuses, methods, and systems for configuring a trusted java card virtual machine using biometric information
US9485252B2 (en) 2014-09-17 2016-11-01 Simless, Inc. Apparatuses, methods and systems for virtualizing a reprogrammable universal integrated circuit chip
US9860740B2 (en) 2014-09-17 2018-01-02 Simless, Inc. Apparatuses, methods and systems for configuring a trusted java card virtual machine using biometric information
US11606685B2 (en) 2014-09-17 2023-03-14 Gigsky, Inc. Apparatuses, methods and systems for implementing a trusted subscription management platform
US10206097B2 (en) 2014-09-17 2019-02-12 Simless, Inc. Apparatuses, methods and systems for configuring a trusted java card virtual machine using biometric information
EP3219044A4 (en) * 2014-11-11 2018-06-27 Intel Corporation Technologies for trusted device on-boarding
US10326590B2 (en) 2014-11-11 2019-06-18 Intel Corporation Technologies for trusted device on-boarding
US10367644B2 (en) 2015-01-22 2019-07-30 Nxp B.V. Methods for managing content, computer program products and secure element
EP3048776B1 (en) * 2015-01-22 2018-07-04 Nxp B.V. Methods for managing content, computer program products and secure element
US10484376B1 (en) 2015-01-26 2019-11-19 Winklevoss Ip, Llc Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
US10778682B1 (en) 2015-01-26 2020-09-15 Winklevoss Ip, Llc Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
US11283797B2 (en) 2015-01-26 2022-03-22 Gemini Ip, Llc Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
EP3562184A1 (en) * 2015-04-13 2019-10-30 Samsung Electronics Co., Ltd. Technique for managing profile in communication system
US10439823B2 (en) * 2015-04-13 2019-10-08 Samsung Electronics Co., Ltd. Technique for managing profile in communication system
US10965470B2 (en) 2015-04-13 2021-03-30 Samsung Electronics Co., Ltd. Technique for managing profile in communication system
EP3297309A4 (en) * 2015-04-13 2018-04-18 Samsung Electronics Co., Ltd. Technique for managing profile in communication system
WO2016168203A1 (en) * 2015-04-15 2016-10-20 Good Technology Corporation Method of operating a computing device, computing device and computer program
US9954834B2 (en) 2015-04-15 2018-04-24 Blackberry Limited Method of operating a computing device, computing device and computer program
US9635003B1 (en) * 2015-04-21 2017-04-25 The United States Of America As Represented By The Director, National Security Agency Method of validating a private-public key pair
DE102015208176A1 (en) * 2015-05-04 2016-03-24 Siemens Aktiengesellschaft Device and method for authorizing a private cryptographic key in a device
US11748500B2 (en) 2015-05-22 2023-09-05 Huawei Device Co., Ltd. Cryptographic unit for public key infrastructure (PKI) operations
WO2016191176A1 (en) 2015-05-22 2016-12-01 Nix John A Cryptographic unit for public key infrastructure (pki) operations
EP3374923A4 (en) * 2015-05-22 2019-01-16 John A. Nix Cryptographic unit for public key infrastructure (pki) operations
US10380362B2 (en) 2015-05-22 2019-08-13 Iot And M2M Technologies, Llc Cryptographic unit for public key infrastructure (PKI) operations
EP3941101A1 (en) * 2015-05-22 2022-01-19 Huawei Device Co., Ltd. Cryptographic unit for public key infrastructure (pki) operations
US10204233B2 (en) 2015-05-22 2019-02-12 John A. Nix Cryptographic unit for public key infrastructure (PKI) operations
US10296752B2 (en) * 2015-05-22 2019-05-21 Iot And M2M Technologies, Llc Cryptographic unit for public key infrastructure (PKI) operations
US20180144147A1 (en) * 2015-05-22 2018-05-24 John A. Nix Cryptographic Unit for Public Key Infrastructure (PKI) Operations
US11080414B2 (en) * 2015-05-22 2021-08-03 Huawei Device Co., Ltd. Cryptographic unit for public key infrastructure (PKI) operations
US10396981B2 (en) 2015-09-30 2019-08-27 Apple Inc. Pre-personalization of electronic subscriber identity modules
CN106714139A (en) * 2015-09-30 2017-05-24 苹果公司 Pre-personalization of electronic subscriber identity modules
EP3151593A1 (en) * 2015-09-30 2017-04-05 Apple Inc. Pre-personalization of electronic subscriber identity modules
US11727501B2 (en) 2016-02-23 2023-08-15 Nchain Licensing Ag Cryptographic method and system for secure extraction of data from a blockchain
US11120437B2 (en) 2016-02-23 2021-09-14 nChain Holdings Limited Registry and automated management method for blockchain-enforced smart contracts
US11455378B2 (en) 2016-02-23 2022-09-27 nChain Holdings Limited Method and system for securing computer software using a distributed hash table and a blockchain
US11972422B2 (en) 2016-02-23 2024-04-30 Nchain Licensing Ag Registry and automated management method for blockchain-enforced smart contracts
US11936774B2 (en) 2016-02-23 2024-03-19 Nchain Licensing Ag Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
US10715336B2 (en) 2016-02-23 2020-07-14 nChain Holdings Limited Personal device security using elliptic curve cryptography for secret sharing
US10659223B2 (en) 2016-02-23 2020-05-19 nChain Holdings Limited Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with a wallet management system
US10652014B2 (en) 2016-02-23 2020-05-12 nChain Holdings Limited Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
US11308486B2 (en) 2016-02-23 2022-04-19 nChain Holdings Limited Method and system for the secure transfer of entities on a blockchain
US11349645B2 (en) 2016-02-23 2022-05-31 Nchain Holdings Ltd. Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
US11347838B2 (en) 2016-02-23 2022-05-31 Nchain Holdings Ltd. Blockchain implemented counting system and method for use in secure voting and distribution
US11356280B2 (en) 2016-02-23 2022-06-07 Nchain Holdings Ltd Personal device security using cryptocurrency wallets
US11373152B2 (en) 2016-02-23 2022-06-28 nChain Holdings Limited Universal tokenisation system for blockchain-based cryptocurrencies
US11410145B2 (en) 2016-02-23 2022-08-09 nChain Holdings Limited Blockchain-implemented method for control and distribution of digital content
US11194898B2 (en) 2016-02-23 2021-12-07 nChain Holdings Limited Agent-based turing complete transactions integrating feedback within a blockchain system
US11755718B2 (en) 2016-02-23 2023-09-12 Nchain Licensing Ag Blockchain implemented counting system and method for use in secure voting and distribution
US11182782B2 (en) 2016-02-23 2021-11-23 nChain Holdings Limited Tokenisation method and system for implementing exchanges on a blockchain
US11606219B2 (en) 2016-02-23 2023-03-14 Nchain Licensing Ag System and method for controlling asset-related actions via a block chain
US11126976B2 (en) 2016-02-23 2021-09-21 nChain Holdings Limited Method and system for efficient transfer of cryptocurrency associated with a payroll on a blockchain that leads to an automated payroll method and system based on smart contracts
US11625694B2 (en) 2016-02-23 2023-04-11 Nchain Licensing Ag Blockchain-based exchange with tokenisation
US11621833B2 (en) 2016-02-23 2023-04-04 Nchain Licensing Ag Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with a wallet management system
CN106843979A (en) * 2017-01-24 2017-06-13 北京经纬恒润科技有限公司 The update method and device of a kind of application program
CN107276748A (en) * 2017-06-01 2017-10-20 贵州师范大学 A kind of keyless entry of automobile and the key derivation process of activation system
WO2019032580A1 (en) * 2017-08-11 2019-02-14 Honeywell International Inc. Apparatus and method for encapsulation of profile certificate private keys or other data
US20190052610A1 (en) * 2017-08-11 2019-02-14 Honeywell International Inc. Apparatus and method for encapsulation of profile certificate private keys or other data
CN110999205A (en) * 2017-08-11 2020-04-10 霍尼韦尔国际公司 Apparatus and method for encapsulation of profile certificate private keys or other data
EP3531667A1 (en) * 2018-02-26 2019-08-28 Deutsche Telekom AG Establishment of communication functions for participant identity modules
CN112219416A (en) * 2018-06-13 2021-01-12 基根(英国)有限公司 Techniques for authenticating data transmitted over a cellular network
US11082406B2 (en) * 2018-11-29 2021-08-03 Secret Double Octopus Ltd System and method for providing end-to-end security of data and metadata
CN112583787A (en) * 2019-09-30 2021-03-30 意法半导体有限公司 Apparatus and method for encryption
US11451378B2 (en) * 2019-09-30 2022-09-20 Stmicroelectronics Sa Device and method for encryption

Also Published As

Publication number Publication date
US20160021075A1 (en) 2016-01-21
US9485230B2 (en) 2016-11-01
WO2014042701A1 (en) 2014-03-20
US9210138B2 (en) 2015-12-08
US20140082359A1 (en) 2014-03-20

Similar Documents

Publication Publication Date Title
US9485230B2 (en) Efficient key generator for distribution of sensitive material from multiple application service providers to a secure element such as a universal integrated circuit card (UICC)
US11229023B2 (en) Secure communication in network access points
US9866376B2 (en) Method, system, and device of provisioning cryptographic data to electronic devices
US11949798B2 (en) Secure configuration of a secondary platform bundle within a primary platform
CN110050437B (en) Apparatus and method for distributed certificate registration
US10454674B1 (en) System, method, and device of authenticated encryption of messages
CN104094267B (en) Method, apparatus and system for secure sharing of media content from a source device
AU2013230989B2 (en) Policy for secure packet transmission using required node paths and cryptographic signatures
RU2518924C2 (en) Wireless device, user access control client request method and access control client method
US9219607B2 (en) Provisioning sensitive data into third party
US10880100B2 (en) Apparatus and method for certificate enrollment
EP3479540A1 (en) Multi-hop secure content routing based on cryptographic partial blind signatures and embedded terms
EP4258593A1 (en) Ota update method and apparatus
US20220284133A1 (en) Executing entity-specific cryptographic code in a cryptographic coprocessor
Lee et al. TEE based session key establishment protocol for secure infotainment systems
US20210111901A1 (en) Executing entity-specific cryptographic code in a trusted execution environment
KR20220081068A (en) Application security device and method using encryption/decryption key
WO2021071719A1 (en) Executing entity-specific cryptographic code in a cryptographic coprocessor

Legal Events

Date Code Title Description
AS Assignment

Owner name: MOTOROLA MOBILITY LLC, ILLINOIS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:NAKHJIRI, MADJID;CHAN, TAT KEUNG;MEDVINSKY, ALEXANDER;AND OTHERS;SIGNING DATES FROM 20130605 TO 20130607;REEL/FRAME:030604/0378

AS Assignment

Owner name: GOOGLE TECHNOLOGY HOLDINGS LLC, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MOTOROLA MOBILITY LLC;REEL/FRAME:034234/0001

Effective date: 20141028

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION